Difficulty: Intermediate
Estimated Time: 5 minutes

CloudSecOps

We'll learn how to use OPA Gatekeeper to only allow only specific users to manager Roles and Cluster Roles.

In this scenario, we have seen how to allow only specific users to manager Roles and Cluster Roles and the reason behind the need of this policy in our organizations.

For more info on this scenario - Restrict Users who can Manage Roles and Cluster Roles

For more OPA Gatekeeper use-cases - Mastering OPA Policies

Restrict Users who can Manage Roles and Cluster Roles

Step 1 of 4

Reason

Often in many environments, pulling images without specifing any tags will by default result in the image with tag "latest" being pulled instead of the recently updated image. Hence blocking of images with the "latest" tag will prevent accidental usage of images tagged "latest" that actually may not be the latest.